On 06.01.2026 13:05, Dumitru Ceara wrote:
For the "full" solution, I guess we should probably mark somehow that a
packet needs an ICMP error to be generated because its TTL expired (all
other ICMP errors we currently generate are for IP traffic destined to
router owned IPs). In that same flow we could already swap the source
and destination IPs.
Then later, after the route lookup (which now happens with the original
source as destination in the packet), match on the flag we set earlier
(*) and use the same logic as in af6e83707568 ("northd: Use next-hop
network for SNAT when lb_force_snat_ip=router_ip.") and select the
correct network IP to use as source (esentially move the icpm4/6 {}
action later in the pipeline).
Hi ilya and Dumitru, Thanks for your comments, I really rushed into making a
decision.
I will prepare a new version and also follow up patch that you mentioned as
separate one.
--
regards,
Alexandra.
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
